POV-Ray: Newsgroups: povray.off-topic: Password difficulty: Re: Password difficulty

POV-Ray : Newsgroups : povray.off-topic : Password difficulty : Re: Password difficulty		Server Time 29 Jul 2024 14:24:53 EDT (-0400)

From: Orchid XP v8
Date: 11 Aug 2011 15:47:46
Message: <4e4431e2$1@news.povray.org>

>>> Arguably that's the most accurate way, but not the most realistic way.
>>> It wouldn't be realistic to run a prospective password through each one
>>> of those tools when setting the password.
>>
>> You don't think so?
>>
>> I think that if you type a password and a cracker can guess it in under
>> 30 seconds, you should definitely pick a different password. But maybe
>> that's just me...
>
> You said "password crackers" (plural).  You might have noticed, but users
> aren't exactly patient about things.  If it takes all these tools 20
> minutes to decide the password is secure enough, they'll be complaining
> to you that their system hung when they changed their password.

Oh, I see.

Well, yes, the average user doesn't give a fig how secure their password 
is, only how difficult it is to remember. I was thinking more of people 
who *do* care about such things.

>> On the other hand, salting the password trivially defeats rainbow
>> tables.
>
> Sure, but how many password systems don't use a salt value?

Well, that's true enough, sadly...

(I still remember having a 25-post discussion with Tom Kyte about this. 
He still fails to see why salt is useful.)

-- 
http://blog.orphi.me.uk/
http://www.zazzle.com/MathematicalOrchid*

Post a reply to this message